Wednesday, January 1, 2014

Cybercrime in the 1980s

In the 1980s the
computer solidified its position in the upper income households, growing from
over 1 million households with computers to in excess of 14 million by the end
of the decade. In 1979, CompuServe introduced timesharing services to the
public through a 100-baud service called ‘MicroNet’, with electronic mail as
their first application. CompuServe added real-time messaging in 1980. By the
end of 1981 they had 10,000 users. By 1987 it grew to 380,000. It was a bit
pricey - $10 / hour. YouTube.com has an interesting vintage news report on the
system (search ‘1981 primitive Internet report on KRON’).

Bulletin Board Systems continued to proliferate in the
80s. They didn’t have monthly access fees and were under the control of the
person hosting the Board – not a corporation.The Internet continued to remain the private domain of the government
and some universities.

In the 1980s the cyber world, for all intents and
purposes, was a geography-centric system, bounded within countries by
telecommunications infrastructure borders and high international communications
costs. Any cyber crimes that occurred within a country could be effectively
investigated because the attack was likely staged within the same country and
there just weren’t as many to investigate.

Motives and Crimes

Hacking in the 1980s was primarily about pursuit of
knowledge, building reputations, a bit of politics, and games – games of
breaking into systems and pulling off pranks. The hacker underground gathered
and flourished in the anonymity and freedom of the Bulletin Board System where
boards in the hundreds such as Hack-A-Trip, Hackers of America, Hi-Tech
Pirates, Cult of the Dead Cow, Legion of Doom, PhoneLine Phantoms, and the
Strata-Crackers formed. Through boards hackers shared their knowledge and
displayed the trophies of their system exploits.

Curiosity / Reputation

Perhaps the most significant computer security event of the
1980s was the Morris Worm, a piece of computer malware written by Robert
Morris, a graduate student at Cornell University. Though the only purpose of
the worm was to propagate itself to other systems, it did degrade the
performance of systems it compromised, causing significant impact to
internet-connected systems it invaded.It was estimated to

In 1988, Prophet of Legion of Doom compromised AIMSX, a
BellSouth system. He did no damage, just explored. In his probing of the system
he discovered a file containing information related to administration of the
911 system. Why did he download the file? It was a trophy – proof of his
compromise of the system. Also, it was forbidden knowledge, and possession of
forbidden knowledge was the currency with which reputation was purchased.[1]

Pranking

Some system compromises were simply to pull off a
prank.In June of 1989 a person
compromised a Southern Bell phone switch and redirected calls made to the Palm
Beach County Probation Department to “Tina,” a phone-sex worker in New York
State.[2]

One of the earliest computer viruses was created as a
joke. Elk Cloner, written by Rich Skrenta, spread to Apple II systems through
infected floppy disks. The payload of the virus simply periodically displayed a
humorous poem, in addition to replicating itself to any floppy disk inserted
into an infected system.

Politics

The department of defense wasn’t left alone either. A
Defense Data Network security bulletin was published on October 18, 1989,
warning of a malicious worm attacking VMS systems on the SPAN network.[3]

Money

In 1989, a sixteen-year-old from Indiana gave an early
glimpse of the future financially-motivated electronic crime wave to come two
decades later. Fry Guy, so referred to in the computer underground because of
his compromise of a McDonald’s mainframe, developed a knack for pilfering data
from credit reporting agencies and for compromising phone-switching systems.
Combining these two skills, he would phone Western Union and ask for a cash
advance on a stolen card. To ensure the security of transactions, Western Union
had a practice of calling the card owner back to verify the authenticity of the
request. Having changed the card owner’s phone number temporarily to a public
pay phone, Fry Guy would answer the phone as the cardholder and authorize the
transaction.[4]